One of the many problems with the exchange of cryptographic material is ensuring its authenticity. To date, many systems have been devised to enable two peer devices to exchange credentials in an authenticate fashion. This includes the use of X.509 certificates that are associated with a certificate authority. Other methods such as a Short Authentication String (SAS) have been devised by the Pretty Good Privacy (PGP) efforts. Such traditional methods have shortcomings whether it be in terms of complexity or fragility against malicious attacks.
For example, suppose that two peer systems wish to securely exchange message-oriented data across unsecure voice and/or data communications paths. Based on the use of public key cryptography, the at least two peers exchange public keys in an authenticated manner. Traditionally this is done using additional infrastructure and/or at least one trusted third party (e.g., a certifying authority) that can vouch for the veracity of each of the public keys to prevent spoofing. This additional infrastructure or service can be cumbersome to setup and use, and can also be expensive to maintain.
To alleviate this burden, the exchange of cryptographic material can be enhanced by using a one time passcode or passphrase (OTP) that is minimally used to validate the authentication of the cryptographic material between cooperating peers. The OTP may also be used as a seed to encipher the exchange, obscuring the cryptographic material from potential nefarious or malicious parties. Furthermore, the OTP can be end-user friendly, allowing input through standard user input methods (i.e. keyboard, touchscreen, gestures, etc.).
For increased privacy, it is desirable for the OTP to be agreed upon between the cooperating peers out of band of the cryptographic material exchange. In one exemplary non-limiting example, voice communications (either over a network or in person) may be used to securely exchange the one time pad. Using this a priori knowledge of the OTP, it is then applied to authenticating and/or deciphering the cryptographic material that can be used as the basis for subsequent communications.
Consider the following non-limiting use case where two individuals would like to exchange cryptographic material used to secure short message service (SMS) communications with an application such as ProtectedSMS. In one common example scenario, two individuals are standing near one another and exchange contact information such as name, phone number, etc. During their exchange, one party suggests an OTP to use for establishing a secure relationship. As indicated before, this can be in the form of numbers, letters, passwords, gestures on a touch screen, etc. At this point the users enter the OTP into the application for use during the Protected SMS Contact Registration Exchange (CRE). Prior to the initiating peer sending out the registration request, the OTP is used as an authentication key for a one-way keyed-hash algorithm such as SHA256-HMAC and/or used as or to generate a cryptographic key that can be used to encipher the message. Upon the processing of the registration request message by the receiving peer, the Protected SMS application will use the OTP to decipher and/or authenticate the registration request. If the process correctly deciphers and/or authenticates the request, the peer knows that the request was valid from the initiating party. If not, an error status is returned to the user to indicate that either the request may have been corrupted in transit or a nefarious party tried to mount was is commonly referred to as a man-in-the-middle (MITM) attack. If the message was valid, the OTP can then be used to authenticate and/or cipher the registration response message that is sent back to the initiating peer. At this point, if the registration exchange has successfully completed, each peer system can be confident in the veracity of the cryptographic material exchanged.
Integrating the OTP functionality into the initial exchange of cryptographic material between two systems further increases the security of the exchange. If the OTP is truly random and kept secret between the two parties exchanging the cryptographic material, the validity of the material can be assured. As a by-product of this process, attempts to thwart the exchange can also be more easily detected.